  • Exam Name: GIAC Certified Enterprise Defender
  • Last Update: May 3, 2024
  • Questions and Answers: 88

GCED Practice Exam Questions with Answers GIAC Certified Enterprise Defender Certification

Question # 6

From a security perspective, how should the Root Bridge be determined in a Spanning Tree Protocol (STP) environment?

A. Manually selected and defined by the network architect or engineer.
B. Defined by selecting the highest Bridge ID to be the root bridge.
C. Automatically selected by the Spanning Tree Protocol (STP).
D. All switch interfaces become root bridges in an STP environment.

Question # 7

In order to determine if network traffic adheres to expected usage and complies with technical standards, an organization would use a device that provides which functionality?

A. Stateful packet filtering
B. Signature matching
C. Protocol anomaly detection
D. CRC checking
E. Forward error correction

Question # 8

To detect worms and viruses buried deep within a network packet payload, gigabytes' worth of traffic content entering and exiting a network must be checked with which of the following technologies?

A. Proxy matching
B. Signature matching
C. Packet matching
D. Irregular expression matching
E. Object matching

Question # 9

Which command tool can be used to change the read-only or hidden setting of the file in the screenshot?

A. attrib
B. type
C. tasklist
D. dir

Question # 10

A security device processes the first packet from 10.62.34.12 destined to 10.23.10.7 and recognizes a malicious anomaly. The first packet makes it to 10.23.10.7 before the security device sends a TCP RST to 10.62.34.12. What type of security device is this?

A. Host IDS
B. Active response
C. Intrusion prevention
D. Network access control

Question # 11

What is needed to be able to use taskkill to end a process on a remote system?

A. Svchost.exe running on the remote system
B. Domain login credentials
C. Port 445 open
D. Windows 7 or higher on both systems

Question # 12

You are responding to an incident involving a Windows server on your company’s network. During the investigation, you notice that the system downloaded and installed two files, iexplorer.exe and iexplorer.sys. Based on the behavior of the system, you suspect that these files are part of a rootkit. If this is the case, what is the likely purpose of the .sys file?

A. It is a configuration file used to open a backdoor
B. It is a logfile used to collect usernames and passwords
C. It is a device driver used to load the rootkit
D. It is an executable used to configure a keylogger

Question # 13

Which of the following is the best way to establish and verify the integrity of a file before copying it during an investigation?

A. Write down the file size of the file before and after copying and ensure they match
B. Ensure that the MAC times are identical before and after copying the file
C. Establish the chain of custody with the system description to prove it is the same image
D. Create a hash of the file before and after copying the image, verifying they are identical
